Because I don't want to rely on one major server that may be down. And yes, some of them are laptops.

Click to expand...

Latops can update from our servers, but the other machines should update from a local mirror. One of the advantages is that when your license is due you will only need to replace the username and password on the server and not on all machines. Another advantage for updating from a local mirror is that this way you decrease the Internet traffic and, what's more important, more users can download updates simultaneously. For instance, if a client with 100,000 licenses updated every computer from our servers I doubt other clients would get their updates which would expose them to risk.

I wonder whether you don't trust your server reliability and whether it goes down that often that you are affraid of udpating from it.

One of the goals of having an enterprise versions of antivirus software, is streamlining your network..specifically...traffic. Yes other benefits such as creating configurations and pushing installs and eyeballing all clients from a local console. However...network traffic. You setup your head antivirus server, in Esets case..your RAS box. This is the main server...which is set to download updates from Esets server...and shove them to in the "mirror" folder. It checks by default once an hour for updates..and if any are available (both definitions, and programs)...it pulls them down, and shoves them into the mirror. This gives your networks internet pipe..which is usually lean..rather small (usually 1-6 megs), and already congested on a network of decent size..just 1x hit to perform the job of antivirus updates. Normally the clients would be configured to pull these updates from this RAS box...ideally using http..and this update flows across your high speed LAN (usually at least 100 megs switched). Clients are usually set by default to heartbeat with the RAS every 5 minutes for this.

Versus...
Having 90 plus clients all check for updates at 1 hour intervals...stagged in time, creates a lot of DNS requests...extra hits to your domain controller for DNS request. And if found...they start downloading updates individually through your small internet connection. Possibly clogging it up a bit. Actually with 90 rigs, unknown DNS load/efficiency, and unknown size of internet pipe and other network designs...I see it as quite likely that you would see a lot of errors relating to not finding resources on the internet.

Why not set all the workstations to pull from the http mirror? I have an aweful lot of them setup at most of my clients..it's quite a reliable setup.

...Why not set all the workstations to pull from the http mirror? I have an aweful lot of them setup at most of my clients..it's quite a reliable setup.

Click to expand...

I can certainly vouch for that. Our setup is similiar to the above, except with another server layer in there. Master pulls from Eset and mirrors the files. Each site server pulls from it (WAN link) and mirrors, then the clients all pull from their individual site servers via http (LAN link). Remote users pick up their updates via VPN from the master server. We support ~3500 clients and 17 sites that way.

This is due to limited connections to each server. However, if connection to one of the servers fails NOD32 should try to update from others provided that you have the update server set to "Choose automatically".

Therefore, it's important to use update from a local mirror wherever possible, otherwise if the number of simultaneous connections exceeds the limit other clients will not be able to connect to that update server and receive that error.

We have a T3 connection and we don't pay for MBs, so 90mb/h traffic increase for me is nothing compared to complexity that I could face with one clients updating from local mirrors, others (laptops) from eset servers, etc. etc. I just don't think that number 90 is such a big number and worth extra maintenance work.

As someone posted here before, even at home, where I have 1 PC, I see update errors quite often.

I never saw update problems on other virus vendor servers (such as Norton, Kaspersky or Panda). Don't get me wrong, I like NOD32 very much, just think that ESET servers availability could be better. If someone knows where I could fill a complain about that would be great

I just don't think that number 90 is such a big number and worth extra maintenance work.

Click to expand...

It indeed is if you imagine that every client would downlaod a 10-MB component update, it's 900 MB in total. If every larger client would do the same it could happen that you would get updates delayed a lot.

Also note that in the case of larger updates they are pushed gradually and not at once so not all your clients would get updated imemdiately if they all are set to update from Eset's servers.

So, we should not configure updating set to "Choose utomatically"? I always understood this being the proper way.

Click to expand...

This thread is about Enterprise Edition..when you have a RAS box. One of the purposes of the RAS box is to be the source for definitions and program update...for all the workstations on the network the RAS box is a member of.

We have a T3 connection and we don't pay for MBs, so 90mb/h traffic increase for me is nothing compared to complexity that I could face with one clients updating from local mirrors, others (laptops) from eset servers, etc. etc. I just don't think that number 90 is such a big number and worth extra maintenance work.

Click to expand...

What complexity? If anything..it makes things tighter, more effecient! Even if you have a full T-3..it's not about not so much about being able to pork your bandwidth...but be efficient with it...and there is also the DNS loads. As a network admin...part of what we normally do is try to streamline networks, make things run more efficiently, and easier. Strive for the optimal design...and implement it.

What complexity? If anything..it makes things tighter, more effecient! Even if you have a full T-3..it's not about not so much about being able to pork your bandwidth...but be efficient with it...and there is also the DNS loads. As a network admin...part of what we normally do is try to streamline networks, make things run more efficiently, and easier. Strive for the optimal design...and implement it.

Yes, if we would live in perfect world . But sometimes you have to weight network perfection vs physical/material resources and to decide what is more efficient for your organization not for the perfect world, if you know what I mean.

Anyway this becomes a rant, I just wanted to know ESET their servers reliability could be better, that's all.

Sometimes there are connection problems to the Eset update servers, whether because they have reached a connection limit, there is internet trouble, or whatever. This shows up in the Event Log. In such case, NOD32 will try to connect to another server in its list. HOWEVER, if there is a successful connection to the new server, this does NOT show up in the log unless it actually causes NOD32 to download an update.

In other words, unless you are getting errors for all of the NOD32 update servers within a minute of each other, you are actually connecting to an Eset server, somewhere. It is just that you are not told of the successful connection.

Sometimes there are connection problems to the Eset update servers, whether because they have reached a connection limit, there is internet trouble, or whatever. This shows up in the Event Log. In such case, NOD32 will try to connect to another server in its list. HOWEVER, if there is a successful connection to the new server, this does NOT show up in the log unless it actually causes NOD32 to download an update.

Sometimes there are connection problems to the Eset update servers, whether because they have reached a connection limit, there is internet trouble, or whatever. This shows up in the Event Log. In such case, NOD32 will try to connect to another server in its list. HOWEVER, if there is a successful connection to the new server, this does NOT show up in the log unless it actually causes NOD32 to download an update.

Click to expand...

100% correct

I'd merely add that you are at higher risk with all PCs set to update from Eset's servers because in the event of a large update not all clients download it at once. If you used update from a mirror, you wouldn't experience this slight delay and would allow other 89 customers to connect to the servers instead of your redundant connections.